picoCTF Solutions
picoCTF 2024Reverse EngineeringMedium

weirdSnake

Published: April 3, 2024Updated: December 9, 2025

Description

I have a friend that enjoys coding and he hasn't stopped talking about a snake recently He left this file on my computer and dares me to uncover a secret phrase from it. Can you assist?

Setup

Bytecode reversing

Download the bytecode file snake and examine it with tools like uncompyle6 or Python's dis module.

Translate the extracted logic into a new Python script that performs the inverse XOR operations.

wget https://artifacts.picoctf.net/c_titan/31/snake && \ python3 your_decrypt.py

Solution

  1. Step 1Recover the key
    Disassembly shows key_str being built into t_Jo3. Convert that string into a key list of ordinals.
  2. Step 2Recreate the input list
    The bytecode stores the ciphertext integers in a list (input_list). Copy those numbers into your script.
  3. Step 3XOR decrypt
    Extend the keystream until it matches input_list length, XOR each pair, and join the characters to reveal the flag.
    result = ''.join(chr(a ^ b) for a,b in zip(input_list, key_list))

Flag

picoCTF{N0t_sO_coNfus1ng_sn@ke_30a...}

The decrypted string from the XOR routine is the final flag.